Home > mailing lists

Re: Re: Re: Secure pages - Mailing list pgsql-php

From	Martin A. Marques
Subject	Re: Re: Re: Secure pages
Date	March 13, 2001 20:47:23
Msg-id	01031319422609.24705@math.unl.edu.ar Whole thread Raw
In response to	RE: Re: Re: Secure pages ("Christian Marschalek" <cm@chello.at>)
Responses	RE: Re: Re: Secure pages ("Christian Marschalek" <cm@chello.at>)
List	pgsql-php

Tree view

El Mar 13 Mar 2001 19:23, Christian Marschalek escribió:
> Why not ask for a password, encrypt it (with 128bit or something;), check
> it with the database (which has the encyrpted pwds) and pass the encrypted
> password from page to page...
>
> like: <a href="blah.php?encryptedpassword">

Horrible idea!! Even with an encrypted password. Use PHP sessions, and save
any info on the session (this is saved on a temp file on the server, and only
the session handle is passed to the browser).


--
System Administration: It's a dirty job,
but someone told I had to do it.
-----------------------------------------------------------------
Martín Marqués            email:     martin@math.unl.edu.ar
Santa Fe - Argentina        http://math.unl.edu.ar/~martin/
Administrador de sistemas en math.unl.edu.ar
-----------------------------------------------------------------

pgsql-php by date:

From: Chris
Date: 13 March 2001, 20:35:20
Subject: RE: Re: Re: Secure pages

From: "Christian Marschalek"
Date: 13 March 2001, 23:38:38
Subject: RE: Re: Re: Secure pages

Re: Re: Re: Secure pages - Mailing list pgsql-php

Previous

Next